Reducing Memory Usage at Shard Library Use on Embedded Devices
|
|
- Augusta Owens
- 6 years ago
- Views:
Transcription
1 Reducing Memory Usage at Shard Library Use on Embedded Devices Tetsuji Yamamoto, Matsushita Electric Industrial Co., Ltd. Masashige Mizuyama, Panasonic Mobile Communications Co., Ltd. [translated by Takao Ikoma]
2 Table of Contents Background Analysis Method discussed Lazy Loading (overview, idea, implementation) Results Issues Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 2
3 Background(1) In embedded systems such as cellular phones, features of applications have grown up, so more dynamic libraries are getting linked (in some cases, dozens of libraries are linked) dependency among dynamic libraries gets complicated, unnecessary library for the application, or library required only for a specific feature, must be linked CASE1 main(){ funca(); funcb(); app funca(){ funcc(){ funcd(); liba.so funcd(){ libd.so funcb(){ libb.so For the dependency shown above, lib A, B and D should be linked; but libd.so is not actually used, thus the memory for the library is wasted. Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 3
4 Background(2) CASE2: app main(){ funca(false); funcb(); funca(bool X){ if(x){ func D(); else { func B(); liba.so funcd(){ libd.so funcb(){ libb.so For the structure shown above, funcd() is never called at runtime, but should be linked. To handle this with dynamic loading (dlopen(), dlsym()), both the application and the libraries should be restructured, which would cost a lot Would like to save this memory overhead for which unused library is loaded. Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 4
5 Analysis(1) How much of memory are used just by loading libraries? When linking dynamic libraries, (even if not used) RAM of more than one page/library is consumed (If the boundary between data region and bss region is not on a page boundary, zeros are padded for bss initialization (one page used) RAM is also used by rewriting.data/.got due to conflict Section Headers: (librt.so.1) [Nr] Name Type Addr Off Size ES Flg Lk Inf Al [ 0] NULL [ 1].note.ABI-tag NOTE f4 0000f A [ 2].hash HASH d0 04 A [ 3].dynsym DYNSYM e4 0005e A 4 2a 4 [ 4].dynstr STRTAB 00000e24 000e ae 00 A [ 5].gnu.version VERSYM d2 0012d A [ 6].gnu.version_d VERDEF dc 0013dc 00005c 00 A [ 7].gnu.version_r VERNEED b0 00 A [ 8].rel.dyn REL e8 0014e8 0001c8 08 A [ 9].rel.plt REL b0 0016b0 0001d8 08 A 3 b 4 [10].init PROGBITS AX [11].plt PROGBITS c 00189c 0003c0 04 AX [12].text PROGBITS 00001c5c 001c5c AX [13] libc_freeres_fn PROGBITS a0 00 AX [14].fini PROGBITS c 00 AX [15].rodata PROGBITS f8 00 A [16].interp PROGBITS A [17].data PROGBITS 0000e WA [18] libc_subfreeres PROGBITS 0000e WA [19].eh_frame PROGBITS 0000e A [20].dynamic DYNAMIC 0000e07c 00607c 0000f0 08 WA [21].ctors PROGBITS 0000e16c 00616c WA [22].dtors PROGBITS 0000e WA [23].jcr PROGBITS 0000e17c 00617c WA [24].got PROGBITS 0000e cc 04 WA [25].bss NOBITS 0000e34c 00634c 00ac60 00 WA [26].comment PROGBITS c 00085e a a01c5c 41a a a0e000 41a0e07c 41a0e180 41a0e34c 41a0efff 41a18fac Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 5.text.rodata.interp.data.dynamic.got.bss Unless prelinked, RAM is used for relocation read only Even if relinked, rewriting may occur, i.e. RAM may be used, for conflict processing etc. read write RAM is used to zero added up to page boundary
6 Analysis(2) Initialization part of.bss (ld.so (elf/dl-load.c)) _dl_map_object_from_fd() 内 zero = l->l_addr + c->dataend; zeroend = l->l_addr + c->allocend; zeropage = ((zero + GL(dl_pagesize) - 1) & ~(GL(dl_pagesize) - 1)); if (zeropage > zero) { /* Zero the final part of the last page of the segment. */ if ((c->prot & PROT_WRITE) == 0) { /* Dag nab it. */ if ( builtin_expect ( mprotect ((caddr_t) (zero & ~(GL(dl_pagesize) - 1)), GL(dl_pagesize), c->prot PROT_WRITE) < 0, 0)) memset ((void *) zero, ' 0', zeropage - zero); if ((c->prot & PROT_WRITE) == 0) mprotect ((caddr_t) (zero & ~(GL(dl_pagesize) - 1)), GL(dl_pagesize), c->prot); if (zeroend > zeropage) Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 6
7 c.f. On conflict in prelink Cause of conflict occurence Symbol->address mapping resolved with prelink may not be same for the case it is resolved within libraries for which the library depends Usual Case app main(){ funcx() ; on, and for the case resolved including exec file. libx.so extern int foo; funcx(){ funcy(); int foo; funcy(){ liby.so Case with symbol copy (R_ARM_COPY type) app extern int foo; main(){ funcx() ; libx.so extern int foo; funcx(){ funcy(); As the reference of the symbol changes,.got/.data must be rewriten int foo; funcy(){ liby.so app depends on libx.so, and libx.so depends on liby.so no conflict in this case For symbol referred in execution file, its entity is copied to execution file side, so reference in libraries should be modified (Current ARM compiler does not support znocopyreloc option, so behavior above can not be suppressed) Modify reference of foo in libx.so to app side (conflict) Further, conflict information is generated when library dependency is insufficient at link time, or when symbol is doubly defined. Addresses whose symbols were resolved with prelink exist in.got/.data sections. These sections may be modified. Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 7
8 Methods Studied What can we do to load required libraries only when they work? Plan1 Design with total consistency considering which libraries to use Straightforward approach, but cost to manage several handreds libraries is prohibitive Plan2 Implement with dynamic library loading (dlopen()) All of application and libraries implemented have to be fixed. Prelink is not applicable, and overhead of dlopen() (symbol resolution processing) is large Plan3 Make loader/os to automatically load libraries when required (when libraries are executed/accessed) (lazyload) Example:CASE2: main(){ funca(false); funcb(); Loaded as accessed app funca(bool X){ if(x){ func D(); else { func B(); funcb(){ liba.so libb.so funcd(){ libd.so This code is not executed and funcd() is not called, thus no loading occurs Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 8
9 Lazy Loading (Mechanism) Using memory fault to invoke handler of loader,lazy load of library is implemented 0000: : : a5: c6: : :4000 libx.so : xxx() の実行 ld.so libc.so libx xxx() User Space (beforer loading) As prelinked, address is directly called e.g. call As the space is not loaded (nothing exists), memory fault occurs! addrinfo 4100:0000~4400:0000 (Library exists at the address above) kernel Check if the fault address (4376:0000) is in the library area ld.so If so, Loaded when OS started up libx.so : execute xxx() ld.so libc.so libx xxx() User Space (after loading) Target of lazy load: not loaded yet Fault handler: Loads library (libx.so) which should be loaded at fault address(4376:0000) Restore the state before fault and continue processing (execute xxx()) Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 9
10 LazyLoading (Overview) overview Environment Based on MontaVista CEE3.1(kernel , glibc 2.3.2), modified Linux kernel glibc(ld.so). Premise Must be prelinked; load addresses fixed and bind processing done. Because fault is judged with load address If address resolution (BIND) has not been done, other libraries are loaded for symbol search, and memory saving effect would be disappear Overview of behavior (1) Kernel loads library address information (at kernel bootup) (2) Behavior at process invocation Judge if lazy loading on Register fault handler to kernel mmap library as READ ONLY Build information (struct link_info) in loader unmap library To main() (3) When a library is accessed after main() started, fault (segmentation fault) occurs and control passed to ld.so handler Judging from the fault address, the designated library is loaded and return. Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 10
11 Lazy Loading (Change Log) Major Placed Changed Linux Kernel arch/arm/kernel/call.s : Add system call (for fault handler registration, obtaining register info at fault) arch/arm/kernel/sys_arm.c : Replaced return PC address at fault arch/arm/kernel/dlfault.c(new) : Handler code for fault arch/arm/mm/fault-common.c : Branch at memory fault init/main.c : Reading library address information glibc (ld.so) elf/rtld.c : Judging lazy loading, ON/OFF, fault handler, etc elf/dl-load.c : Saving and loading load information for lazy loading elf/dl-init.c : Initialization of library for lazy loading elf/conflict.c : Conflict processing for lazy loading include/link.h : Added variables for lazy loading (load management, addr info) sysdeps/genelic/ldsodefs.h : Added variables for lazy loading (ON/OFF) Patches will be published on CELF web Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 11
12 Lazy Loading (Source Code: excerpts) Jump from memory fault to handler with process below Fault handler do_translation_fault() do_bad_area(struct task_struct *tsk, struct mm_struct *mm, unsigned long addr, int error_code, struct pt_regs *regs) { /* * If we are in kernel mode at this point, we * have no context to handle this fault with. */ if (user_mode(regs)){ else if(!search_dl_hash(addr)){ // search if in the library area dl_fault_savereg(tsk,regs,addr); // save register info dl_fault_setpc(tsk,regs); // rewrite return address to // loader handler else{ do_user_fault(tsk,addr,error_code,segv_maperr,regs); do_kernel_fault(mm,addr,error_code,regs); arch/arm/mm/fault-common.c Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 12
13 Lazy Loading (Source Code: excerpts) Kernel -> Load Handler -> Return with process below kernel static void _dl_lazy_trap_handler( void ) { unsigned regs[17]; unsigned addr; struct link_map *l = GL(dl_loaded); int found=0; SWI_ARG2(270, &addr, regs); // Get register info elf/rtld.c /* search maps */ for(;l;l = l->l_next){ // Search which part of the load address info (link_map) // the fault address matches if(!found){ // If not found, delete hadler registration and reinvoke fault SWI_ARG1(269, NULL); /* clear handler */ else { if(l->l_lazy){ // Load if library has not been loaded yet while(!compare_and_swap((long *)&(l->l_map_working), 0, 1)) usleep(30000); // Ugly; 30ms wait for race condition if(l->l_lazy){ // Load if the library has not been loaded _dl_map_object_lazy(l, GL(dl_locked_load_mode), 1); // Load the library // Do conflict processing within function _dl_init_lazy(l); // Call initialization of the library l->l_lazy = 0; /* load finished */ while(!compare_and_swap((long *)&(l->l_map_working), 1, 0)){ usleep(30000); /* wait 30ms */ RETURN_TO_FAULTPROG((long)regs); // Restore the registers at fault Return to just before fault Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 13
14 Optional Features Can disable lazy loading per library Objective: (1) To avoid overhead for libraries which are always loaded (libc.so, libpthread.so etc.) (2) To make it possible to initialize for libraries which must always call init before invocation (main()) Methods: Specify library path in file /etc/ld.so.forbid_lazyload compare in dl-load.c and judge if exception or not Can set ON/OFF of lazy loading with environment variable ("DL_LAZY_LOAD") For debug, evaluation Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 14
15 Lazy Loading (Results) Results Asssuming that each of 35 processes links to 40 libraries,and that 60% of them need not be loaded any more, 35 x (40 x 0.6) x 4KB = 3.36M more than 3.36MB would be reduced (as an ordinary library consumes more than 4KB) Further, due to less virtual space required, PTE cache is saved(up to several hundred kilobytes) 35 processes: common number of processes on PC Linux 40 libraries: Linux application (such that gnome related one) depends on around 40 libraries 60%: Actual library use rate (actually measured on a single device) Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 15
16 Lazy Loading (Discussion) Cosideration of other implementation (features studied at implementation) Any other method to hook first access of library? Not found so far Similar mechanism on existing libc - lazy_binding -- Function to defer symbol resolution. Effective for start up performance but no effect to save memory - filter -- Usable for the part to incorporate symbol information of library, but no use for our purpose Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 16
17 Issues Improvement proposal welcome Call sequence of init/fini not garranteed No effect for libraries which dlopen() Race condition at fault under multithread Performance While suppressing to load unused librares, no improvement of start up time observed: because of mmap() -> read.dynamic etc -> unmap() at start up (current unmap() is slow) Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 17
18 Issues (detail (1)) Issue of init/fini For ordinary libraries, initializers are called from the bottom of dependency, and finalizers are called in the reverse order In the case of lazy loading, initializers are called when loaded, so the order is not warranteed (If not loaded, its initializer is called at all). But in many cases, there will not actually be any problem (In case that initialization, not the order of the initialization, matters, the problem can be avoided by excluding the library from lazy loading) app liby.so Processing of ordinary loader Processing of Lazy loading fini: only loaded libraries are called in the reverse order of dependency libx.so Dependency (Libpthread.so depends on libc.so, etc) libpthread.so libc.so order init() called order fini() called init: executed in the order of loading, regardless of dependency; unless loaded, not executed e.g. if initializer initializes shared memory which is used by app Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 18
19 Issues (detail (2)) Unused libraries won t be loaded Issue of dlopen() Library to do dlopen() searches symbols to be used, at loading (lookup) At this processing, as symbol table of each library is looked up, even unnecessary libraries are accessed and loaded on memory (A tentative measure:) dyanmic link of the library to dlopen() x memory is not consumed (although some memory for management (link_info; about 500B/library) is consumed). app liba.so libb.so libc.so libc.so fopen() dlopen(libxxx.so) Search symbols { libxxx.so fopen(); libraries are loaded, as symbol tables are accessed Symbol "fopen searched in the order of dependency Link libxxx.so to app app liba.so libb.so libc.so libxxx.so fopen(); libc.so substance of fopen() By linking, the library is now target of prelink, and the symbol has been resolved before loading (can omit lookup at dlopen()) Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 19
20 Issues (detail (3)) Race condition of library loading under multithread Race condition for simultaneous faults under multiple threads has already been considered The problem occurs in case of race condition while loading In such a case that task switches at library loading (while mmpap()'ing some of memory) and that another thread accesses that memory (e.g. conflict processing has not been done yet and it may not be correct) [A tentative measure:] Fixed the order of load processing: mmap() data region conflict processing mmap() text region ( Observing access behavior of library, text region turned out to be accessed first when accessing a new library() ) On thread race condition while loading library Original Implementation (Same order as loader processing) text text at this timing another thread may access bss region (bss region has not been zeroed yet error text Reverse the order to load Current implementation In most cases, first access of the library start with some function call (Scarcely data region access comes first) text Here, as loading has been completed, no problem occurs data data bss mmap() text mmap() data fix bss/conflict rewriting by conflict data data bss mmap() data fix bss/conflict Execution request at this timing can be caught as fault occurs loader controls execution. data bss mmap() text Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 20
21 Thanks you Special thanks to Takao Ikoma.(Translation Jp->En) Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 21
From Website:
From Website: http://resources.infosecinstitute.com/hello-world-c-assembly-object-file-and-executable/ Hello World: C, Assembly, Object File and Executable By Dejan Lukan January 7th, 2013 Introduction
More informationStudy and Analysis of ELF Vulnerabilities in Linux
Study and Analysis of ELF Vulnerabilities in Linux Biswajit Sarma Assistant professor, Department of Computer Science and Engineering, Jorhat Engineering College, Srishti Dasgupta Final year student, Department
More informationLink 8. Dynamic Linking
Link 8. Dynamic Linking Young W. Lim 2018-12-27 Thr Young W. Lim Link 8. Dynamic Linking 2018-12-27 Thr 1 / 66 Outline 1 Linking - 8. Dynamic Linking Based on Dynamic linking with a shared library example
More informationLinux on zseries ABI and Linkage Format SHARE 102 Session 9236
Linux on zseries ABI and Linkage Format SHARE 102 Session 9236 Dr. Ulrich Weigand Linux on zseries Development, IBM Lab Böblingen Ulrich.Weigand@de.ibm.com Agenda Compiling, linking, and loading Function
More informationLink 3. Symbols. Young W. Lim Mon. Young W. Lim Link 3. Symbols Mon 1 / 42
Link 3. Symbols Young W. Lim 2017-09-11 Mon Young W. Lim Link 3. Symbols 2017-09-11 Mon 1 / 42 Outline 1 Linking - 3. Symbols Based on Symbols Symbol Tables Symbol Table Examples main.o s symbol table
More informationPayload Already Inside: Data re-use for ROP Exploits
Payload Already Inside: Data re-use for ROP Exploits Long Le longld at vnsecurity.net Thanh Nguyen rd at vnsecurity.net 1 HITB2010KUL DEEPSEC Agenda Introduction Recap on stack overflow & mitigations Multistage
More informationJuly 14, EPITA Systems/Security Laboratory (LSE) Code sandboxing. Alpha Abdoulaye - Pierre Marsais. Introduction. Solutions.
EPITA Systems/Security Laboratory (LSE) July 14, 2017 1 / 34 2 / 34 What do we want? Limit usage of some resources such as system calls and shared object functions But not from the whole program (we trust
More informationA Consideration of Memory Saving by Efficient Mapping of Shared Libraries
A Consideration of Memory Saving by Efficient Mapping of Shared Libraries Masahiko Takahashi System Platforms Research Laboratories NEC Corporation April 12, 2010 Embedded Linux Conference 2010 Introduction:
More informationStack frame unwinding on ARM
Stack frame unwinding on ARM Ken Werner LDS, Budapest 2011 http:/www.linaro.org why? Who needs to unwind the stack? C++ exceptions GDB anyone who wants to display the call chain Unwinding in General How
More informationProcess Address Spaces and Binary Formats
Process Address Spaces and Binary Formats Don Porter CSE 506 Binary Formats RCU Memory Management Logical Diagram File System Memory Threads Allocators Today s Lecture System Calls Device Drivers Networking
More informationEE458 - Embedded Systems Lecture 4 Embedded Devel.
EE458 - Embedded Lecture 4 Embedded Devel. Outline C File Streams References RTC: Chapter 2 File Streams man pages 1 Cross-platform Development Environment 2 Software available on the host system typically
More informationECE 598 Advanced Operating Systems Lecture 10
ECE 598 Advanced Operating Systems Lecture 10 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 22 February 2018 Announcements Homework #5 will be posted 1 Blocking vs Nonblocking
More informationOutline. Outline. Common Linux tools to explore object/executable files. Revealing Internals of Loader. Zhiqiang Lin
CS 6V81-05: System Security and Malicious Code Analysis Revealing Internals of Loader Zhiqiang Lin Department of Computer Science University of Texas at Dallas March 28 th, 2012 Common Linux tools to explore
More informationCS5460/6460: Operating Systems. Lecture 21: Shared libraries. Anton Burtsev March, 2014
CS5460/6460: Operating Systems Lecture 21: Shared libraries Anton Burtsev March, 2014 Recap from last time We know what linkers and loaders do Types of object files Relocatable object files (.o) Static
More informationPrelinker Usage for MIPS Cores CELF Jamboree #11 Tokyo, Japan, Oct 27, 2006
At the core of the user experience. Prelinker Usage for MIPS Cores CELF Jamboree #11 Tokyo, Japan, Oct 27, 2006 Arvind Kumar, MIPS Technologies Kazu Hirata, CodeSourcery Outline What is the prelinker?
More informationToday s Big Adventure
Today s Big Adventure - How to name and refer to things that don t exist yet - How to merge separate name spaces into a cohesive whole Readings - man a.out & elf on a Solaris machine - run nm or objdump
More informationP6 memory system P6/Linux Memory System October 31, Overview of P6 address translation. Review of abbreviations. Topics. Symbols: ...
15-213 P6/Linux ory System October 31, 00 Topics P6 address translation Linux memory management Linux fault handling memory mapping DRAM bus interface unit instruction fetch unit processor package P6 memory
More informationProcess Address Spaces and Binary Formats
Process Address Spaces and Binary Formats Don Porter Background We ve talked some about processes This lecture: discuss overall virtual memory organizafon Key abstracfon: Address space We will learn about
More informationseven Virtual Memory Introduction
Virtual Memory seven Exercise Goal: You will study how Linux implements virtual memory. A general architecture-independent memory model is the basis of all Linux virtual memory implementations, though
More informationIntel P The course that gives CMU its Zip! P6/Linux Memory System November 1, P6 memory system. Review of abbreviations
15-213 The course that gives CMU its Zip! P6/Linux ory System November 1, 01 Topics P6 address translation Linux memory management Linux fault handling memory mapping Intel P6 Internal Designation for
More informationApplications of. Virtual Memory in. OS Design
Applications of Virtual Memory in OS Design Nima Honarmand Introduction Virtual memory is a powerful level of indirection Indirection: IMO, the most powerful concept in Computer Science Fundamental Theorem
More informationexecutable-only-memory-switch (XOM-Switch)
executable-only-memory-switch (XOM-Switch) Hiding Your Code From Advanced Code Reuse Attacks in One Shot Mingwei Zhang, Ravi Sahita (Intel Labs) Daiping Liu (University of Delaware) 1 [Short BIO of Speaker]
More informationToday s Big Adventure
1/34 Today s Big Adventure - How to name and refer to things that don t exist yet - How to merge separate name spaces into a cohesive whole Readings - man a.out & elf on a Solaris machine - run nm or objdump
More informationIncremental Linking with Gold
Incremental Linking with Gold Linux Foundation Collaboration Summit April 5, 2012 Cary Coutant This work is licensed under the Creative Commons Attribution-NoDerivs 3.0 Unported License. To view a copy
More informationApplication Fault Tolerance Using Continuous Checkpoint/Restart
Application Fault Tolerance Using Continuous Checkpoint/Restart Tomoki Sekiyama Linux Technology Center Yokohama Research Laboratory Hitachi Ltd. Outline 1. Overview of Application Fault Tolerance and
More informationIntel P6 (Bob Colwell s Chip, CMU Alumni) The course that gives CMU its Zip! Memory System Case Studies November 7, 2007.
class.ppt 15-213 The course that gives CMU its Zip! ory System Case Studies November 7, 07 Topics P6 address translation x86-64 extensions Linux memory management Linux fault handling ory mapping Intel
More informationMemory System Case Studies Oct. 13, 2008
Topics 15-213 Memory System Case Studies Oct. 13, 2008 P6 address translation x86-64 extensions Linux memory management Linux page fault handling Memory mapping Class15+.ppt Intel P6 (Bob Colwell s Chip,
More informationPentium/Linux Memory System March 17, 2005
15-213 The course that gives CMU its Zip! Topics Pentium/Linux Memory System March 17, 2005 P6 address translation x86-64 extensions Linux memory management Linux page fault handling Memory mapping 17-linuxmem.ppt
More informationEvaluation of MIPS Prelinking
Evaluation of MIPS Prelinking Shin ichi TSURUMOTO MITSUBISHI Electric Corporation Advanced Technology R&D Center Overview Obtained prelinker for MIPS, compiler and libraries, and ran them on our target
More informationMidterm. Median: 56, Mean: "midterm.data" using 1:2 1 / 37
30 Midterm "midterm.data" using 1:2 25 20 15 10 5 0 0 20 40 60 80 100 Median: 56, Mean: 53.13 1 / 37 Today s Big Adventure f.c gcc f.s as f.o c.c gcc c.s as c.o ld a.out How to name and refer to things
More informationECE 598 Advanced Operating Systems Lecture 11
ECE 598 Advanced Operating Systems Lecture 11 Vince Weaver http://www.eece.maine.edu/~vweaver vincent.weaver@maine.edu 23 February 2016 Announcements Homework #5 Posted Some notes, discovered the hard
More informationProcess Environment. Pradipta De
Process Environment Pradipta De pradipta.de@sunykorea.ac.kr Today s Topic Program to process How is a program loaded by the kernel How does kernel set up the process Outline Review of linking and loading
More informationVirtual Memory: Systems
Virtual Memory: Systems 5-23: Introduction to Computer Systems 8 th Lecture, March 28, 27 Instructor: Franz Franchetti & Seth Copen Goldstein Recap: Hmmm, How Does This Work?! Process Process 2 Process
More informationMemory Mapping. Sarah Diesburg COP5641
Memory Mapping Sarah Diesburg COP5641 Memory Mapping Translation of address issued by some device (e.g., CPU or I/O device) to address sent out on memory bus (physical address) Mapping is performed by
More informationMemory Management. Fundamentally two related, but distinct, issues. Management of logical address space resource
Management Fundamentally two related, but distinct, issues Management of logical address space resource On IA-32, address space may be scarce resource for a user process (4 GB max) Management of physical
More informationPROCESS VIRTUAL MEMORY PART 2. CS124 Operating Systems Winter , Lecture 19
PROCESS VIRTUAL MEMORY PART 2 CS24 Operating Systems Winter 25-26, Lecture 9 2 Virtual Memory Abstraction Last time, officially introduced concept of virtual memory Programs use virtual addresses to refer
More informationECE 571 Advanced Microprocessor-Based Design Lecture 13
ECE 571 Advanced Microprocessor-Based Design Lecture 13 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 21 March 2017 Announcements More on HW#6 When ask for reasons why cache
More informationProcess Address Spaces and Binary Formats
Process Address Spaces and Binary Formats Don Porter Binary Formats RCU File System Logical Diagram Memory Allocators Today s Lecture System Calls Networking Threads Sync User Kernel Memory Management
More informationControl Flow Integrity
Control Flow Integrity Outline CFI Control Flow Integrity at Source Code Level BinCFI CFI for Binary Executables BinCC Binary Code Continent vfguard CFI Policy for Virtual Function Calls 1 M. Abadi, M.
More informationCSE506: Operating Systems CSE 506: Operating Systems
CSE 506: Operating Systems Memory Management Review We ve seen how paging works on x86 Maps virtual addresses to physical pages These are the low-level hardware tools This lecture: build up to higher-level
More informationProtecting Against Unexpected System Calls
Protecting Against Unexpected System Calls C. M. Linn, M. Rajagopalan, S. Baker, C. Collberg, S. K. Debray, J. H. Hartman Department of Computer Science University of Arizona Presented By: Mohamed Hassan
More informationPROCESS VIRTUAL MEMORY. CS124 Operating Systems Winter , Lecture 18
PROCESS VIRTUAL MEMORY CS124 Operating Systems Winter 2015-2016, Lecture 18 2 Programs and Memory Programs perform many interactions with memory Accessing variables stored at specific memory locations
More informationSplit debug symbols for pkgsrc builds
Split debug symbols for pkgsrc builds Short report after Google Summer of Code 2016 Leonardo Taccari leot@netbsd.org EuroBSDcon 2016 NetBSD Summit 1 / 23 What will we see in this presentation? ELF, DWARF
More informationTopics: Memory Management (SGG, Chapter 08) 8.1, 8.2, 8.3, 8.5, 8.6 CS 3733 Operating Systems
Topics: Memory Management (SGG, Chapter 08) 8.1, 8.2, 8.3, 8.5, 8.6 CS 3733 Operating Systems Instructor: Dr. Turgay Korkmaz Department Computer Science The University of Texas at San Antonio Office: NPB
More informationCSE506: Operating Systems CSE 506: Operating Systems
CSE 506: Operating Systems Memory Management Review We ve seen how paging works on x86 Maps virtual addresses to physical pages These are the low-level hardware tools This lecture: build up to higher-level
More informationECE 498 Linux Assembly Language Lecture 1
ECE 498 Linux Assembly Language Lecture 1 Vince Weaver http://www.eece.maine.edu/ vweaver vincent.weaver@maine.edu 13 November 2012 Assembly Language: What s it good for? Understanding at a low-level what
More informationOverhead Evaluation about Kprobes and Djprobe (Direct Jump Probe)
Overhead Evaluation about Kprobes and Djprobe (Direct Jump Probe) Masami Hiramatsu Hitachi, Ltd., SDL Jul. 13. 25 1. Abstract To implement flight recorder system, the overhead
More informationLink 4. Relocation. Young W. Lim Sat. Young W. Lim Link 4. Relocation Sat 1 / 33
Link 4. Relocation Young W. Lim 2017-09-16 Sat Young W. Lim Link 4. Relocation 2017-09-16 Sat 1 / 33 Outline 1 Linking - 4. Relocation Based on Relocation Relocation Entries Relocating Symbol Reference
More informationECE 471 Embedded Systems Lecture 5
ECE 471 Embedded Systems Lecture 5 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 13 September 2016 HW#2 is due Thursday It is going OK? Announcements 1 Homework #1 Review Characteristics
More informationP6/Linux Memory System Nov 11, 2009"
P6/Linux Memory System Nov 11, 2009" REMEMBER" 2! 3! Intel P6" P6 Memory System" DRAM" external system bus (e.g. PCI)" L2" cache" cache bus! bus interface unit" inst" TLB" instruction" fetch unit" L1"
More informationCSE 560 Computer Systems Architecture
This Unit: CSE 560 Computer Systems Architecture App App App System software Mem I/O The operating system () A super-application Hardware support for an Page tables and address translation s and hierarchy
More informationDynamic libraries explained
Dynamic libraries explained as seen by a low-level programmer I.Zhirkov 2017 1 Exemplary environment Intel 64 aka AMD64 aka x86_64. GNU/Linux Object file format: ELF files. Languages: C, Assembly (NASM)
More informationCSE 306/506 Operating Systems Process Address Space. YoungMin Kwon
CSE 306/506 Operating Systems Process Address Space YoungMin Kwon Process s Address Space Memory allocation for user processes On request, a right to use a new range of linear address is given to the process
More informationCS252 S05. Main memory management. Memory hardware. The scale of things. Memory hardware (cont.) Bottleneck
Main memory management CMSC 411 Computer Systems Architecture Lecture 16 Memory Hierarchy 3 (Main Memory & Memory) Questions: How big should main memory be? How to handle reads and writes? How to find
More informationPaging. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University
Paging Jin-Soo Kim (jinsookim@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Paging Allows the physical address space of a process to be noncontiguous Divide virtual
More informationThe UtePC/Yalnix Memory System
The UtePC/Yalnix Memory System This document describes the UtePC memory management hardware subsystem and the operations that your Yalnix kernel must perform to control it. Please refer to Handout 3 for
More informationKernel Probes for ARM. Quentin Barnes Motorola - Mobile Devices April 17, 2007
Kernel Probes for ARM Quentin Barnes q.barnes@motorola.com Motorola - Mobile Devices April 17, 2007 Overview Introduction to kernel probes How kernel probes work The classic kprobe model and 'boosting'
More informationFixing/Making Holes in Binaries
Fixing/Making Holes in Binaries The Easy, The Hard, The Time Consuming Shaun Clowes Ð shaun@securereality.com.au What are we doing? Changing the behaviour of programs Directly modifying the program in
More informationCSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Spring 2018 Lecture 10: Paging Geoffrey M. Voelker Lecture Overview Today we ll cover more paging mechanisms: Optimizations Managing page tables (space) Efficient
More informationDistribution Kernel Security Hardening with ftrace
Distribution Kernel Security Hardening with ftrace Because sometimes your OS vendor just doesn't have the security features that you want. Written by: Corey Henderson Exploit Attack Surface Hardening system
More informationCS429: Computer Organization and Architecture
CS429: Computer Organization and Architecture Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: January 13, 2017 at 08:55 CS429 Slideset 25: 1 Relocating Symbols
More informationHow To Write Shared Libraries
How To Write Shared Libraries Ulrich Drepper Red Hat, Inc. drepper@redhat.com August 20, 2006 1 Preface Abstract Today, shared libraries are ubiquitous. Developers use them for multiple reasons and create
More informationQuiz I Solutions MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Department of Electrical Engineering and Computer Science
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.828 Fall 2012 Quiz I Solutions Mean 65 Median 66 Std. dev 17.5214 14 12 10 8 6 4 2 0 0 10 20 30 40 50 60
More informationRedirecting functions in shared ELF libraries
Redirecting functions in shared ELF libraries Written by: Anthony V. Shoumikhin, Developer of Driver Development Team, Apriorit Inc. http://www.apriorit.com TABLE OF CONTENTS 1. THE PROBLEM 2 1.1 WHAT
More informationPage Which had internal designation P5
Intel P6 Internal Designation for Successor to Pentium Which had internal designation P5 Fundamentally Different from Pentium 1 Out-of-order, superscalar operation Designed to handle server applications
More informationCSE 120 Principles of Operating Systems Spring 2017
CSE 120 Principles of Operating Systems Spring 2017 Lecture 12: Paging Lecture Overview Today we ll cover more paging mechanisms: Optimizations Managing page tables (space) Efficient translations (TLBs)
More informationOutline. 1 Details of paging. 2 The user-level perspective. 3 Case study: 4.4 BSD 1 / 19
Outline 1 Details of paging 2 The user-level perspective 3 Case study: 4.4 BSD 1 / 19 Some complications of paging What happens to available memory? - Some physical memory tied up by kernel VM structures
More informationCSCI 4061: Virtual Memory
1 CSCI 4061: Virtual Memory Chris Kauffman Last Updated: Thu Dec 7 12:52:03 CST 2017 2 Logistics: End Game Date Lecture Outside Mon 12/04 Lab 13: Sockets Tue 12/05 Sockets Thu 12/07 Virtual Memory Mon
More informationvirtual memory Page 1 CSE 361S Disk Disk
CSE 36S Motivations for Use DRAM a for the Address space of a process can exceed physical memory size Sum of address spaces of multiple processes can exceed physical memory Simplify Management 2 Multiple
More informationPaging. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University
Paging Jinkyu Jeong (jinkyu@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu SSE3044: Operating Systems, Fall 2016, Jinkyu Jeong (jinkyu@skku.edu) Paging Allows the physical
More informationAnalysis of User Level Device Driver usability in embedded application
Analysis of User Level Device Driver usability in embedded application -Technique to achieve good real-time performance- Katsuya Matsubara Takanari Hayama Hitomi Takahashi Hisao Munakata IGEL Co., Ltd
More informationKprobes Presentation Overview
Kprobes Presentation Overview This talk is about how using the Linux kprobe kernel debugging API, may be used to subvert the kernels integrity by manipulating jprobes and kretprobes to patch the kernel.
More informationAdaptive Android Kernel Live Patching
USENIX Security Symposium 2017 Adaptive Android Kernel Live Patching Yue Chen 1, Yulong Zhang 2, Zhi Wang 1, Liangzhao Xia 2, Chenfu Bao 2, Tao Wei 2 Florida State University 1 Baidu X-Lab 2 Android Kernel
More informationCS 33. Libraries. CS33 Intro to Computer Systems XXIX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.
CS 33 Libraries CS33 Intro to Computer Systems XXIX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Libraries Collections of useful stuff Allow you to: incorporate items into your program substitute
More informationCS140 - Summer Handout #8
CS1 - Summer 2 - Handout # Today s Big Adventure Linking f.c gcc f.s as c.c gcc c.s as c.o how to name and refer to things that don t exist yet how to merge separate name spaces into a cohesive whole Readings
More informationRelocating Symbols and Resolving External References. CS429: Computer Organization and Architecture. m.o Relocation Info
Relocating Symbols and Resolving External References CS429: Computer Organization and Architecture Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: January 13,
More informationA Simplistic Program Translation Scheme
A Simplistic Program Translation Scheme m.c ASCII source file Translator p Binary executable object file (memory image on disk) Problems: Efficiency: small change requires complete recompilation Modularity:
More informationSystem V Application Binary Interface Linux Extensions Version 0.1
System V Application Binary Interface Linux Extensions Version 0.1 Edited by H.J. Lu 1 November 28, 2018 1 hongjiu.lu@intel.com Contents 1 About this Document 4 1.1 Related Information.........................
More informationMotivation, Concept, Paging January Winter Term 2008/09 Gerd Liefländer Universität Karlsruhe (TH), System Architecture Group
System Architecture 18 Virtual Memory (1) Motivation, Concept, Paging January 19 2009 Winter Term 2008/09 Gerd Liefländer 2008 Universität Karlsruhe (TH), System Architecture Group 1 Agenda Review Address
More informationSYSTEM CALL IMPLEMENTATION. CS124 Operating Systems Fall , Lecture 14
SYSTEM CALL IMPLEMENTATION CS124 Operating Systems Fall 2017-2018, Lecture 14 2 User Processes and System Calls Previously stated that user applications interact with the kernel via system calls Typically
More informationECE 598 Advanced Operating Systems Lecture 14
ECE 598 Advanced Operating Systems Lecture 14 Vince Weaver http://www.eece.maine.edu/~vweaver vincent.weaver@maine.edu 22 March 2016 Announcements 1 Got a Pi3 over break Pi3 Notes Very impressive performance,
More informationMy ld.so. Version 1 5 December Epita systems/security laboratory 2018
My ld.so Version 1 5 December 2016 Epita systems/security laboratory 2018 1 I Copyright This document is for internal use only at EPITA http://www.epita.fr/. Copyright 2016/2017
More informationThread and Synchronization
Thread and Synchronization Task Model (Module 18) Yann-Hang Lee Arizona State University yhlee@asu.edu (480) 727-7507 Summer 2014 Real-time Systems Lab, Computer Science and Engineering, ASU Why Talk About
More informationECE 471 Embedded Systems Lecture 4
ECE 471 Embedded Systems Lecture 4 Vince Weaver http://www.eece.maine.edu/ vweaver vincent.weaver@maine.edu 12 September 2013 Announcements HW#1 will be posted later today For next class, at least skim
More informationARMlock: Hardware-based Fault Isolation for ARM
ARMlock: Hardware-based Fault Isolation for ARM Yajin Zhou, Xiaoguang Wang, Yue Chen, and Zhi Wang North Carolina State University Xi an Jiaotong University Florida State University Software is Complicated
More informationECE 571 Advanced Microprocessor-Based Design Lecture 12
ECE 571 Advanced Microprocessor-Based Design Lecture 12 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 1 March 2018 HW#6 will be posted Project will be coming up Announcements
More informationCS 134: Operating Systems
CS 134: Operating Systems More Memory Management CS 134: Operating Systems More Memory Management 1 / 27 2 / 27 Overview Overview Overview Segmentation Recap Segmentation Recap Segmentation Recap Segmentation
More informationCS 33. Libraries. CS33 Intro to Computer Systems XXVIII 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.
CS 33 Libraries CS33 Intro to Computer Systems XXVIII 1 Copyright 2018 Thomas W. Doeppner. All rights reserved. Libraries Collections of useful stuff Allow you to: incorporate items into your program substitute
More informationBreaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX. Yeongjin Jang, Sangho Lee, and Taesoo Kim Georgia Institute of Technology
Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX Yeongjin Jang, Sangho Lee, and Taesoo Kim Georgia Institute of Technology Kernel Address Space Layout Randomization (KASLR) A statistical
More informationThreads and Concurrency
Threads and Concurrency 1 Threads and Concurrency key concepts threads, concurrent execution, timesharing, context switch, interrupts, preemption reading Three Easy Pieces: Chapter 26 (Concurrency and
More informationAdministrivia. - If you didn t get Second test of class mailing list, contact cs240c-staff. Clarification on double counting policy
p. 1/19 Administrivia Recently updated class mailing list - If you didn t get Second test of class mailing list, contact cs240c-staff. Clarification on double counting policy - Your class project may coincide
More informationECEN 449 Microprocessor System Design. Hardware-Software Communication. Texas A&M University
ECEN 449 Microprocessor System Design Hardware-Software Communication 1 Objectives of this Lecture Unit Learn basics of Hardware-Software communication Memory Mapped I/O Polling/Interrupts 2 Motivation
More information[07] SEGMENTATION 1. 1
[07] SEGMENTATION 1. 1 OUTLINE Segmentation An Alternative to Paging Implementing Segments Segment Table Lookup Algorithm Protection and Sharing Sharing Subtleties External Fragmentation Segmentation vs
More informationThreads and Concurrency
Threads and Concurrency 1 Threads and Concurrency key concepts threads, concurrent execution, timesharing, context switch, interrupts, preemption reading Three Easy Pieces: Chapter 26 (Concurrency and
More informationOperating Systems. 09. Memory Management Part 1. Paul Krzyzanowski. Rutgers University. Spring 2015
Operating Systems 09. Memory Management Part 1 Paul Krzyzanowski Rutgers University Spring 2015 March 9, 2015 2014-2015 Paul Krzyzanowski 1 CPU Access to Memory The CPU reads instructions and reads/write
More informationToday s Big Adventure
Today s Big Adventure f.c gcc f.s as f.o c.c gcc c.s as c.o ld a.out How to name and refer to things that don t exist yet How to merge separate name spaces into a cohesive whole More information: - How
More informationChapter 8 Memory Management
Chapter 8 Memory Management Da-Wei Chang CSIE.NCKU Source: Abraham Silberschatz, Peter B. Galvin, and Greg Gagne, "Operating System Concepts", 9th Edition, Wiley. 1 Outline Background Swapping Contiguous
More informationIntroduction to Linux, for Embedded Engineers Tutorial on Virtual Memory. Feb. 22, 2007 Tetsuyuki Kobayashi Aplix Corporation. [translated by ikoma]
Introduction to Linux, for Embedded Engineers Tutorial on Virtual Memory Feb. 22, 2007 Tetsuyuki Kobayashi Aplix Corporation [translated by ikoma] 1 Target Audience of this Presentation People who have
More informationRecap: Memory Management
, 4/13/2018 EE445M/EE360L.12 Embedded and Real-Time Systems/ Real-Time Operating Systems : Memory Protection, Virtual Memory, Paging References: T. Anderson, M. Dahlin, Operating Systems: Principles and
More informationVirtual and Physical Addresses
Virtual Memory 1 Virtual and Physical Addresses Physical addresses are provided directly by the machine. one physical address space per machine the size of a physical address determines the maximum amount
More information